https://gcc.gnu.org/bugzilla/show_bug.cgi?id=125742
Bug ID: 125742
Summary: Missing ASAN_CHECK before write
Product: gcc
Version: 16.1.1
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: fortran
Assignee: unassigned at gcc dot gnu.org
Reporter: henri at henrimenke dot de
Target Milestone: ---
Dear all,
When compiling the following program with
gfortran -g -O0 -Wall -Wextra -Wpedantic -fsanitize=address bug.f90
there is neither a warning nor a runtime error from ASan when dereferencing the
dangling pointer.
program address_sanitizer_miss
  implicit none
  integer, allocatable, target :: x(:)
  integer, pointer :: y(:)
  integer :: z
  allocate(x(4))
  x = [1, 2, 3, 4]
  y => x
  deallocate(x)
  z = 1
  write(*,*) y(1) ! dereference dangling pointer
end program address_sanitizer_miss
Valgrind does correctly flag the invalid read of size 4 (with ASan disabled of
course).
The following minor transformation of the program, namely assigning to the
local variable z, surfaces the heap-use-after-free.
program address_sanitizer_miss
  implicit none
  integer, allocatable, target :: x(:)
  integer, pointer :: y(:)
  integer :: z
  allocate(x(4))
  x = [1, 2, 3, 4]
  y => x
  deallocate(x)
  z = y(1) ! dereference dangling pointer
  write(*,*) z
end program address_sanitizer_miss
Kind regards,
Henri
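Added reproduction script (editor's addition, not part of the report above). It writes both programs from the report to a scratch directory, builds each with gfortran -g -O0 -fsanitize=address exactly as the report does, and classifies the run as "caught" or "missed" by looking for ASan's heap-use-after-free report. It also counts the instrumented 4-byte loads in the generated assembly (calls to __asan_load4 or, on the inline-check failure path, __asan_report_load4). That count is there to test a hypothesis the report itself does not state: in the first program the address of y(1) is handed to libgfortran's I/O routine, so the actual load happens inside a library that is neither instrumented nor covered by an ASan interceptor, while in the second program the load into z is emitted in the instrumented program itself. The script assumes gfortran and libasan are on PATH and prints "skip" otherwise; the file names miss.f90 and catch.f90 and the function names are my own.

```sh
#!/bin/sh
# Differential ASan reproduction for the two programs in the report.
# Assumes: gfortran with libasan on PATH (otherwise verdicts are "skip").
# The Fortran sources are reconstructed from the report; only the two lines
# after deallocate(x) differ between the variants.
set -u

# Tail that the report says ASan misses: the only use of y(1) is inside write().
MISS_TAIL='  z = 1
  write(*,*) y(1) ! dereference dangling pointer'

# Tail that the report says ASan catches: y(1) is loaded into a local first.
CATCH_TAIL='  z = y(1) ! dereference dangling pointer
  write(*,*) z'

# write_variant FILE TAIL: write the report's program to FILE, with TAIL as
# the two statements that follow deallocate(x).
write_variant() {
  {
    cat <<'EOF'
program address_sanitizer_miss
  implicit none
  integer, allocatable, target :: x(:)
  integer, pointer :: y(:)
  integer :: z
  allocate(x(4))
  x = [1, 2, 3, 4]
  y => x
  deallocate(x)
EOF
    printf '%s\n' "$2"
    echo 'end program address_sanitizer_miss'
  } > "$1"
}

# asan_verdict SRC EXE: compile SRC with ASan into EXE and run it.
# Echoes "caught" if ASan reports a heap-use-after-free, "missed" if the
# program finishes without one, "skip" if the toolchain is unavailable.
asan_verdict() {
  command -v gfortran >/dev/null 2>&1 || { echo skip; return 0; }
  gfortran -g -O0 -fsanitize=address "$1" -o "$2" 2>/dev/null || { echo skip; return 0; }
  if "$2" 2>&1 | grep -q 'heap-use-after-free'; then
    echo caught
  else
    echo missed
  fi
}

# count_load4_checks SRC: number of instrumented 4-byte loads in the assembly
# GCC emits for SRC. A load performed inside libgfortran rather than in the
# program shows up here as nothing at all, which is the point of the check.
count_load4_checks() {
  gfortran -S -O0 -fsanitize=address "$1" -o - 2>/dev/null \
    | grep -cE '__asan_(report_)?load4' || true
}

# run_report: build both variants and print "<variant> <verdict> <load4 checks>".
run_report() {
  dir=$(mktemp -d)
  write_variant "$dir/miss.f90" "$MISS_TAIL"
  write_variant "$dir/catch.f90" "$CATCH_TAIL"
  for name in miss catch; do
    v=$(asan_verdict "$dir/$name.f90" "$dir/$name")
    n=$(count_load4_checks "$dir/$name.f90")
    echo "$name $v $n"
  done
  rm -rf "$dir"
}

run_report
```

A "missed 0" line for the miss variant next to a "caught" line with a non-zero count for the catch variant is consistent with the hypothesis above; a non-zero count for the miss variant that still goes unreported would point at the compiler instead. Either way, the instrumented-load count is the quickest way to tell whether the check is absent from the program or merely happening somewhere ASan cannot see.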